Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above.
You may have to register before you can post: click the register link above to proceed.
To start viewing messages, select the forum that you want to visit from the selection below.

My wife only knows PCs, and she gave me holy hell for clicking on an obviously fake e-mail purporting to be from PayPal about my "account." I was curious to check out the scam, and she said it could have given me a virus or installed spyware... and even as I type it could be recording all my keystrokes!!! EEEEEK...

OK... I have a Mac. I know they ain't impervious to a virus, but most viruses aren't built for Macs... but what about spyware? Do I have anything to be worried about, really? Is it likely there could be spyware in my Mac now?

Whether there are viruses on Mac or not, it's good practice to not open attachments from unknown sources. And the fake PayPal-mails use social engineering, so they obviously work with any platform. Whenever you enter a site where you have to enter your password (like your bank, eBay and PayPal) always type in the URL into the browser's address bar yourself before you do it. Never enter your account data into the site after you clicked a link, even if it looks absolutely legit.

TETENAL is right be cautious when receiving these types of email, sometimes the website will be fake and get your personal info such as passwords and such. I just finished cleaning up my friends PC and boy that thing was loaded with viruses, spyware, and malware. Later they asked if my mac gets infected since I'm always on the net like there PC, and when I said never his wife said to him you should have bought me a mac and not a dell.

Also dont worry to much about viruses on the mac, the script kiddes(sp?) haven't begun there onslaught on the mac platform yet.

--erik-- and TETENAL are both correct. There are no known virus or spyware threats to Macs in the wild at this time, BUT it's never a good idea to open attachments in unsolicited emails-sometimes it's just a good idea to not open these emails at all.

There seems to be a PayPal phishing scheme in play at this time (I've seen lots of chatter on a number of boards to the effect "So and So online vendor stole my PayPal account!!!-oh, wait, I fell for a scam!") so let's review the basics.

>>LEGITIMATE EMAILS FROM PLACES LIKE PAYPAL WILL NEVER, NEVER, NEVER!!!! ASK FOR YOUR USERNAME AND PASSWORD.
>>ALWAYS DOUBLE OR TRIPLE CHECK THAT THE URL YOU'RE USING FOR SUCH PLACES IS REALLY THEIR URL-DON'T DEPEND ON A LINK IN ANY EMAIL, USE YOUR OWN BOOKMARK OR ENTER IT MANUALLY.
>>THINK FOUR TIMES BEFORE YOU SUBMIT ANY OF YOUR PERSONAL INFORMATION, PARTICULARLY BANKING INFORMATION, TO ANY SITE.

As an aside, if you use Boot Camp to boot your Mac with Windows, you CAN get a virus on that partition, and there are viruses that just plain wipe the WHOLE hard drive, so always use an antivirus package with ANY Windows installation.

I think there is an easy way to protect yourself against email scams.... simply look at the full headers of the email and the envelope information to see where the email really came from. If it came outside of the domain indicated within the email headers, it's likely a scam. If it came from inside the domain, they either have a compromised network or else it is a legit email.

Of course, common sense prevails in judging an email by its contents too.

Regardless if the Mac isn't susceptible to most viruses. Its generally a good idea to just trash any junk mail, or spam. If you use an html enabled email reader the spammers can verify that your email is active when you open an email because they can track if an image is loaded. Tetenal hit the nail on the head. The biggest thing to worry about on a Mac is not viruses or spyware. Its social engineering.

Whether there are viruses on Mac or not, it's good practice to not open attachments from unknown sources. And the fake PayPal-mails use social engineering, so they obviously work with any platform. Whenever you enter a site where you have to enter your password (like your bank, eBay and PayPal) always type in the URL into the browser's address bar yourself before you do it. Never enter your account data into the site after you clicked a link, even if it looks absolutely legit.

Second that.
Don't start bad habits.

With some loud music + a friend to chat nearby you can get alot done. - but jezz, I'd avoid it if I had the choice---- If only real people came with Alpha Channels.......:)
AIM:xflaerdeinterlaced.com

Thanks for the insight Brokenjago. The only reason why I have AV software is because I sometimes share files with Windows people and I don't want to unwittingly give them a virus. I know 99.9999% of viruses/worms/trojan/etc are made for Windows boxes so they wouldn't affect me even if I did have an infected file on my Mac but it WOULD affect the poor Windows person that I unknowningly passed the file onto which is why I keep ClamXav even though it is slow as Hell. I think I'll just use it to scan select files that I'm about to send to Windows boxes and that's it.

I think I'll just use it to scan select files that I'm about to send to Windows boxes and that's it.

The way I have set it up is to use the Folder Sentry to scan my browser Downloads folder, my iChat attachments folder and my ~/Library/Mail Downloads folder. Anything else I can do manually using the contextual menu option or by drag and drop, should I even need to. Otherwise, those are the only three locations that I have potentially infected files coming in to my system.

The good ones don't. I've NEVER seen any performance impact from Norton AV on a Mac. (Of course I'm also someone that actually uses it instead of buying the FUD that Norton will neuter your dog and urinate in your car, but I'm funny that way.)

None of the "well known" free ones should load down your system, either. Products like ClamAV are not known for being resource hogs.

About phishing scams; they are not the same as spam. Spammers make money from spamming. They pay good money for 'good' leads, i.e. live, active e-mail addresses. They use plenty of ways to discover these. Popular one is placing images in html but fetching them through FTP instead of regular html; that way, your e-mail client automatically has to log in as anonymous user (with your e-mail address as password). They search the logs for anonymous' users passwords and harvest fresh, active e-mail addresses.

Phishing scams don't care about live addresses that much. They are mostly one-shot deal. They actually are spammers' customers. They purchase these massive mailing lists and blast their phishing messages to these lists. Their goal is to lure you to their web-site in order to give them your paypal/eBay/HSBC/Bank of America/Chase/etc. IDs and passwords. There is zero danger from opening a phishing message. Zero danger from clicking a link in that message and viewing that phishing site. I have done it many times, for the same reason original poster did; curiosity. In many cases, these phishing fake pages were hosted on compromised servers; once I saw a fake eBay login page on a site about chrochet (you know, doilies, mittens, hook-and-yarn stuff...!!). These sites are the easiest prey for phishers, since often they are simple, with an easy-to-break FTP password (children's names, dates of birth, etc.). I would usually notify the original webmaster that their site was compromised. It would do a little good, since the phishing attempt lasts no more than two-three days. By then, phisher has hopefully collected several thousand passwords. Oftentimes, fake phishing pages are hosted in China or Taiwan (do a trace to one of those and you'll see).

The bottom line, and my 0.02$ to the original poster: Feel free to click on anything but SPAM. You will not get infected by any virus, spyware or any other malware. There still is none for Mac OS X.

ClamXav is almost useless. It'll identify what files are infected, then move them to a specific folder, however, it doesn't actually clean any files of a virus.

"…I contend that we are both atheists. I just believe in one fewer god than
you do. When you understand why you dismiss all the other possible gods,
you will understand why I dismiss yours." - Stephen F. Roberts

i have mail set up so i view my email list on top... and when i click on an email it loads up on the bottom half of the program...

problem is... to delete junk mail i have to click on the actual email to highlight it and it starts to load, then i push the delete button an i delete it, reason why i dont delete all the emails at once is because sometimes emails get marked as spam when they are not, if i see one by the subject ok fine... but if i cant just tell from the subject i have to open them...

how at risk am i if i view the emails... but never enter any information, or download or open any attachments, all i do is view them to see what they are and then press delete... the program deletes my trash when i close the program everyday...

Well, vitalprogeny, your only risk is that of exposing your e-mail address to the spammer. When an image loads inside an HTML message, it is often loaded directly from a remote FTP server. As mentioned above, in order to show it, your Mail app has to log into this FTP server, providing it with your e-mail address as a password. This is one of the ways spammers harvest live e-mails. There is a way, however, to mark messages as junk without actually clicking on them (and thereby displaying the body, complete with those remote images). You can configure the top part of your Mail app to show the message's junk status. That way, if you are sure it is a junk message, instead of clicking on the subject, or the sender's name, you click on the little dot in the 'Junk status' column. It will mark the message as junk right away, and it won't display it; instead, the message will move straight into your junk folder. This only works if you have Mail app configured to automatically move messages determined (or marked) to be junk into the junk folder. If not, this won't work. However, there is another (albeit longer) option. If you have only one message that you want to mark as junk, select a legitimate message right before or after it. Then, shift+click your junk message; now both messages are selected and neither is displayed in the preview pane. Then mark them both as junk. Once you do that, select the legitimate again and unmark its junk status. This multiple selection technique works even better when you have multiple junk messages: first select a legitimate one, then Ctrl+ select junk ones; then Ctrl+deselect the good one and mark the remaining selected junk as, well, junk.

Some great points in the above posts.
There are no viruses that can infect a Mac.
Now, having said that, if you use Windows on a Mac you need anti-virus and all kinds of other mal-ware protection. There are Windows viruses that can only be removed by a hard drive reformat. And it does make you a good neighbor to stomp on viruses from your Windows buddies.
There are businesses and organizations that simply require anti-virus software, Clam and Norton are fine, they shouldn't slow down your system. If that seems to be the case then you have some other problems going on.
Finally, the most effective spam campaigns are those that have you the user clicking on phishing expeditions! No software protection is going to immunize you from your own behavior!

There are no viruses that can infect a Mac.
<snip>...Clam and Norton are fine, they shouldn't slow down your system.<snip>

Strictly speaking, neither of those statements is true. There are MS Office macro viruses that can function on the Mac, even in OS X (and if you still use Classic, there are 40 or so viruses that are active against the system); ClamXav and Norton will slow down your system when they are doing processor intensive tasks such as actively scanning a file or files for viruses.